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Period for Reply 
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8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

I I) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 1 19 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 


Attachment(s) 

1) Notice of References Cited (PTO-892) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) □ Information Disclosure Statement(s) (PTO/SB/08) 

Paper No(s)/Mail Date . 


4) □ Interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) □ Notice of Informal Patent Application 

6) □ Other: . 


U.S. Patent and Trademark Office 
PTOL-326 (Rev. 08-06) 


Office Action Summary 


Part of Paper No./Mail Date 20070827 


Application/Control Number: 10/822,048 
Art Unit: 2616 


Page 2 


DETAILED ACTION 

1 . Claims 1-25 is pending in the application. 

Claim Rejections - 35 USC § 1 12 

2. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly- 
claiming the subject matter which the applicant regards as his invention. 

3. Claims 4,13, is rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. Reference to "802. 1x login packets" in claims 4,13 is 
indefinite because it refers to a generic IEEE 802. 1X protocol message and does not 
specify a type of message according to the IEEE 802. 1X protocol in which login packets 
are sent, hence the limitation fails to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. Appropriate correction is required to 
these claims. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 
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(e) the invention was described in (1) an application for patent, published under section 122(b), by another 
filed in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United States 
and was published under Article 21 (2) of such treaty in the English language. 

5. Claims 1-25 are rejected under 35 U.S.C. 102(e) as being anticipated by Droms 
etal [US Pat: 7,143,435]. 

Regarding claim 1, Droms et al in the invention of "Method and Apparatus for 
Registering Auto-Configured Network Addresses Based on Connection Authentication" 
disclosed a method of developing an access control list (item 146 of Fig 1), comprising: 
developing an enhanced access control list including data related to at least one of user 
names (user groups), DNS names, Windows domain names, and physical addresses 
(col 9, lines 1-27); converting at least one of, user names into corresponding IP and 
physical addresses according to data in the enhanced access control list; DNS names 
into corresponding IP addresses (MAC) according to data in the enhanced access 
control list (col 12, lines 21-32); and physical addresses into IP addresses according to 
data in the enhanced access control list; and developing the access control list from 
each of the operations of converting (col 9, lines 14-27, col 10, lines 16-23). 

Regarding claim 2, Droms et al disclosed storing the user names and 
corresponding IP addresses in a mapping state database that defines current 
relationships among user names (col 7, lines 24-36), DNS names, domain names (col 
12, lines 21-32), and physical addresses (col 11, lines 20-28). 

Regarding claims 3,1 1, Droms et al disclosed that each physical address 
comprises a MAC address (col 10, lines 16-23). 
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Regarding claims 4,13, Droms et al disclosed that converting user names into 
corresponding IP and physical addresses according to data in the enhanced 
access control list comprises: detecting 802. 1x login packets (authentication, user ID 
and password) being communicated over the network; determining a MAC address 
from the 802. 1x login packets (col 2, lines 17-25); detecting server message block 
login packets being communicated over the network (col 2, lines 25-37); and 
determining an IP address from the server message block login packets; and 
developing records in the access control list using the obtained IP address for the 
respective user name (col 2, lines 38-52). 

Regarding claims 5-6,13-14, Droms et al disclosed converting DNS names into 
corresponding IP addresses according to data in the enhanced access control list 
comprises: detecting packets having an unknown source IP address (col 9, lines 14- 
24); generating a DNS name query using the source IP address (col 9, lines 24-27); 
receiving a DNS name associated with the IP address responsive to the query; and 
developing records in the access control list using the obtained IP address for the 
respective DNS name and occasionally generating new DNS name queries for the 
source IP address and thereafter repeating the operations of receiving and developing 
to update the access control list (col 12, lines 21-33).. 

Regarding claims 7,15, Droms et al disclosed occasionally receiving the DNS 
name associated with the IP address and thereafter repeating the operation of 
developing to update the access control list (col 12, lines 66-67,col 13,lines 1-9). 
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Regarding claims 8,17, Droms et al disclosed converting physical addresses 
into IP addresses according to data in the enhanced access control list comprises: 
monitoring DHCP packets communicated over the network (col 13,lines 10-15); 
obtaining an IP address assigned to a particular physical address from the monitored 
DHCP packets (col 11, lines 20-24); and developing records in the access control list 
using the obtained IP address assigned to a respective physical address (col 11, lines 
25-36). 

Regarding claim 9, Droms et al disclosed a method of controlling access of a 
user to a network including a plurality of hosts coupled together through a network 
switch (item 102 of Fig 1), the method comprising: storing in the network switch an 
enhanced access control list containing data related to at least one of user names (col 
7, lines 24-35), DNS names, Windows domain names, and physical addresses (col 11, 
lines 20-28); and generating a dynamic access control list from the enhanced access 
control list, the dynamic access control list containing a plurality of IP addresses that 
restrict access of the user to the network (col 16, lines 21-32). 

Regarding claim 10, Droms et al disclosed generating the dynamic access 
control list comprises: mapping user names to IP addresses (col 12, lines 28-31); 
mapping user names to physical addresses; mapping physical addresses to IP 
addresses (col 10, lines 16-30); mapping unknown IP addresses to physical 
addresses; and mapping unknown IP addresses to DNS names; and applying rules set 
forth in the enhanced access control list relating to controlling access of a user to the 
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addresses determined by the operations of mapping to generate the access control list 
(col 9, lines 9-27). 

Regarding claims 12,16, Droms et al disclosed that the mapping user names to IP 
addresses comprises: detecting server message block login packets being 
communicated over the network (col 12, lines 50-67); and determining an IP address 
from the server message block login packets and mapping unknown IP addresses to 
physical addresses comprises detecting packets having an unknown source IP address 
(col 13, lines 1-18). 

Regarding claims18, 22, Droms et al disclosed a network switching circuit (Figs 1- 
2,6, col 17, lines 5-27), comprising: a forwarding circuit (item 103 of Fig 1) operable to 
detect specific received packets and to provide the specific packets on a processor port 
(col 7, lines 10-24), and further operable to receive packets on one of a plurality of 
ports including the processor port and to forward each received packet to a port 
corresponding to a destination address contained in the packet subject to access 
restrictions contained in a dynamic access control list (col 9, lines 9-23); a memory 
circuit (item 606 of Fig 6) coupled to the forwarding circuit, the memory circuit operable 
to store packets and operable to store an enhanced access control list and a dynamic 
access control list; and a processor (item 604 of Fig 6) coupled to the forwarding circuit 
and to the memory circuit (col 7, lines 25-35), the processor operable to define the 
specific packets detected by the forwarding circuit and operable to process the specific 
packets stored in the memory circuit using the enhanced access control list to generate 
the dynamic access control list (col 7, lines 36-64) and store the dynamic access 
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control list in the memory circuit, and further operable to provide the specific packets to 
the processor port of the forwarding circuit after processing the packets (col 9, lines 28- 
67). 

Regarding claim 19, Droms et al disclosed that the processor further comprises a 
direct memory access controller coupled between the forwarding engine and the 
memory (col 10, lines 40-57). 

Regarding claims 20,24, Droms et al disclosed the switch comprises an Ethernet 
switch and wherein the packets comprise Ethernet packets (col 6, lines 41-45). 

Regarding claims 21 ,25, Droms et al disclosed wherein the enhanced access 
control list comprises user names (col 7, lines 24-35), DNS names (col 12, lines 21- 
32), Windows domain names, and physical addresses (col 11, lines 20-28). 

Regarding claim 23, Droms et al disclosed at least some of the hosts comprise 
personal computer systems (col 6, lines 5-10, Fig 6). 

Conclusion 

6. Any inquiry concerning this communication or earlier communications should be 
directed to the attention to Venkatesh Haliyur whose phone number is 571-272-8616. 
The examiner can normally be reached on Monday-Friday from 9:00AM to 5:00 PM. If 
attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached @ (571)-272-7884. Any inquiry of a general 
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nature or relating to the status of this application or proceeding should be directed to the 


group receptionist whose telephone number is (571)-272-2600 or fax to 571-273-8300. 

7. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov . Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-21 7-91 97(toll-free). 


Venkatesh Haliyur 


EDAN B. ORGAD 
SUPERVISORY PATENT EXAMINER 


Patent Examiner 




